HIGH🇬🇧 English

CVE-2010-3136

CVSS 9.3v2.0pub. 2010-08-26upd. 2026-04-29

Untrusted search path vulnerability in Skype 4.2.0.169 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wab32.dll that is located in the same folder as a .skype file.

oryginał EN
CVSS Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
  • Skype

    APP
    Skype
    0.90.0.100.90.0.50.91.0.20.92.0.40.93.0.180.93.1.10.94.0.190.94.0.280.95.0.110.95.0.250.95.0.360.95.0.400.96.0.10.96.0.30.97.0.1+ 85 więcej
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2024-21411HIGH8.8ten sam produkt

Skype for Consumer Remote Code Execution Vulnerability

CVE-2011-2074HIGH8.5ten sam produkt

Unspecified vulnerability in the client in Skype 5.x before 5.1.0.922 on Mac OS X allows remote authenticated ...

CVE-2009-4741HIGH10.0ten sam produkt

Unspecified vulnerability in the Extras Manager before 2.0.0.67 in Skype before 4.1.0.179 on Windows has unkno...

CVE-2004-1778MEDIUM4.6ten sam produkt

Skype 0.92.0.12 and 1.0.0.1 for Linux, and possibly other versions, creates the /usr/share/skype/lang director...

CVE-2006-2312LOW2.6ten sam produkt

Argument injection vulnerability in the URI handler in Skype 2.0.*.104 and 2.5.*.0 through 2.5.*.78 for Window...

CVE-2010-3136 — HIGH 9.3 | CVEbaza.pl